| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name , CPA, CISA, CISSP, PCI-ISA, CIPP IT...Greater New York City Area Street Address -632-9873 EMAIL AVAILABLE LINKEDIN LINK AVAILABLE Senior-level Information Security and Operational Risk Executive that drives revenue by understanding relationships between financial needs and business processes by consistently managing a diverse set of needs and regulatory compliance standards. Highly engaged business leader who leverages strategic risk management expertise with a deep understanding of financial industry regulatory challenges, people and process engagement. Change agent adept at quickly identifying potential problems, regulatory isues, and producing innovative and sustainable solutions that drive immediate business needs. History of cultivating an environment of personal growth propelling employees forward to obtain advanced career positions. Noted for:Influencing Company Growth: Directly influenced companys growth from an entrepreneurially focused operation to a sophisticated force in the retail financial industry, providing regulatory and risk management strategies. Created NYCEs Audit Committee Charter with controls/SOX reporting frameworks. Owned FFIEC relationships.Implementing Global Safeguards: Identified threats and vulnerabilities, engineering and implementing technical and procedural safeguards to prevent data breaches. Developed data flows and utilized diagnostic tools to gain a better understanding of the location and use of unprotected data. Implemented a strategy of redaction and replacement tokenization for Street Address countries over a period of three years.Building Sustainable Controls: Consolidated multiple control frameworks into a unified control framework (UCF) over a period of two years, strengthening Wyndhams data privacy and integrity controls after previous years of confirmed data breaches. UCF blocked Street Address % of all attempted data breaches with attestations of compliance.Generating Additional Revenue Streams: Coauthored the Firms Antifraud and FCPA Fraud Check Up methodology to launch Antifraud Service offering which yielded an increase in revenue. Helping Organizations Recognize and Mitigate ThreatsTechnology Risk ManagementInternal ComplianceMentor Team BuildingPCI and SOX ComplianceFramework ImplementationClient Relationship ManagementCyber Security Risk ReductionProcess and Product DesignStrategic PlanningAccount ManagementFraud InvestigationsInternal AuditBrings Insight and Innovation to Large-Scale Business Projects and Processes American International Group (AIG), New York, NYAmerican multinational finance and insurance corporation with operations in over 80 countries, $47.4B (2017) in revenue. PCI GLOBAL EXECUTIVE, 2015 PresentRecruited by AIG to lead global efforts, comprised of 31 countries, including METI regulated Japanese subsidiaries. Led design and implementation of upgrades to IT security and business process, complying to Payment Card Industry (PCI) standards. $35M budget responsibility with oversight of global projects, technology teams, and management of remediation plans.Mitigating Security Breach Risks: Determined business requirements aligned with PCI DSS, NYDFS, AIG control, and privacy standards in collaboration with global operational and first-line of defense executives, mitigating billions of dollars in data loss risks and possible damage to AIGS leading reputation.Collaborating with Leaders: Facilitating current framework implementation as member of GI/Personal Insurance Third- Party Risk Management team, providing remediation oversight, overcoming objections, obtaining needed funding while partnering with leaders from Information Security, Compliance, Legal, Operations, Claims, Underwriting, and IT.Engineered compelling business cases, outlining risk, annual loss expectancy, and benefits. Brought to completion global risk reduction plan.Thinking Outside the Box: Constructed FFIEC & PCI Target Operating Models and global nformation security awareness programs focused on building a sustainable, cost-efficient, transparent approach to adhere to compliance standards. Versatile Risk and Compliance Professional withthe Ability to Influence Change at all LevelsCandidate's Name , CPA, CISA, CISSP, PCI-ISA, CIPP IT Page 2Generated costs savings by discovering new ways to collect payment without retaining sensitive client data, changing business practices by reducing compliance obligations. Wyndham Worldwide Corporation, Parsippany NJGlobal hospitality company and provider of technology services, with $4.04B in revenue in 2019. DIRECTOR, CORPORATE INFORMATION SECURITY, COMPLIANCE AND RISK ASSESSMENT, 2011 2015 Managed IT risk and compliance for Wyndhams three business units with focus on corporate IT compliance and related internal controls support. Oversaw corporate PCI, SOX, and IT compliance programs with frequent travel to 18 countries to build partnerships.Influential contributor in matching or creating safeguards for difficult-to-mitigate vulnerabilities such as hard-to-replace end-of-life technology.Key role in creation of WYNs Information Security strategy geared towards safeguarding information assets.Identified commercially reasonable practices of peer organization to protect company networks, changing business practices and sustainable compliance.Engineered control frameworks for identity access, vulnerability-management monitoring programs, security awareness, and ISO27005 Risk Assessment program, allowing for multiple requirements to be audited once instead of multiple times.Developed focused IT and PCI compliance and risk assessment programs for Hotel Group Managed Properties, efficiently securing hundreds of individual properties.Evaluated and managed all security devices on company network, installing network firewalls and universal threat models to aid in prevention and detection of hostile network traffic.Spearheaded Wyndhams compliance programs for IT network architecture, including firewalls and communications equipment, logging and monitoring (SIEM)technology and controls to ensure system availability and security.Oversaw Qualified Security Assessor (QSA) relationships and created Wyndhams first Service Provider ROC for Wyndham Vacation Ownership, Hotel Groups, and Wyndham Exchange and Rentals, resulting in significant cost savings and PCI accreditation required by regulators.Crowe Horwath LLP, New York City, NYEighth-largest global accounting, consulting, and technology firm with 220 firms in 130 countries, yielding $4.4B (2019.) SENIOR MANAGER IT RISK NATIONAL PCI PRACTICE LEAD, 2007 2011 Managed client relationships with over 25 financial institutions, Japanese trust banks, service bureaus, New York/New Jersey merchants, and global clientele with deep knowledge in SAS 70, SOX 404 accelerated/FDICIA filers, trust and investment banks, and private companies. Held responsibility for national PCI business development, service delivery for SAS 70s, and internal audits within the local New York/New Jersey markets.Comanaged Risk IT Audit Technical Review Board while serving as Rutgers School Relationship Manager for the Risk Practice, demonstrating subject matter expertise and generating client growth.Exceeded sales growth after Great Recession of 2008 2009.Oversaw and completed strategic technical reviews of client infrastructure and security architecture.Directed PCI and technology risk management activities for global merchants within leisure/travel, luxury goods, ecommerce, and educational sectors, attesting to clients PCI compliance reports and providing Attestations of Compliance as needed by regulators.Drove departmental and employee advancement, recruiting and mentoring personnel during times of growth.Streamlined testing engagement strategies for high-priority clients, enhancing accounting controls in lending, trading, general ledger, and market valuation activities, reducing service delivery costs while increasing profitability.Decreased number of review comments made by Public Company Audit Oversight Board (PCAOB).Provided clients with expert advice on incident recovery strategies and investigations for data breaches, isolating the cause, and developing a strategy to reduce the risk of future breaches. NYCE Corporation (A Metavante Company), Secaucus, NJ An interbank network connecting ATMs of various financial institutions in the US and Canada, generating $1.2B annually. VICE PRESIDENT, FRAUD AND RISK MANAGEMENT, 2005 2007 Invited to design companywide antifraud and risk management solutions, service, and products after company suffered several major fraudulent activities. Additional focus put on due diligence efforts for new products and partners, security awareness, compliance audits, and liaison to media, trade groups, and industry analysts. Candidate's Name , CPA, CISA, CISSP, PCI-ISA, CIPP IT Page 3Designed NYCEs primary antifraud product, coordinating multiple major fraud investigations while working closely with US Secret Service, state police officers, and local law enforcement. Ernst & Young, LLP, New York, NYMultinational professional services firm with headquarters in London and the US, $36.4B in revenue. MANAGER, TECHNOLOGY AND SECURITY RISK SERVICES, 2005 Supervised 11 staff members and senior auditors on SOX program testing and QA performing various SAS 70 and SEC audits for investment managers within the financial service industry.Managed high-profile clients such as Morgan Stanley, FNMA, and Pershing Securities. NYCE Corporation First Data Corporation, Montvale, NJ Nations second-largest ATM and POS network, processing 1.4 billion annual transactions. VICE PRESIDENT, INTERNAL AUDIT IT AUDIT, 2003 2005 Achieved 1 ratings from the FFIEC. Designed and oversaw risk-based program over an internal ATM and POS payment network. Reported directly to CEO, Audit Committee of the Board of Directors, and bank regulators.Internal Audit played a key role in providing risk management for a varied constituency representing the Board of Directors, 2,200 financial institution participants, and five federal banking agencies. Earlier positions held:Director of Internal Audit, NYCE Corp Manager of Internal Audit, NYCE Corp Internal Auditor, NYCE Corp Senior Audit Officer, First Fidelity Bancorporation Second Vice President and Audit Supervisor, The Chase Manhattan Bank Assistant Treasurer Senior Auditor, The Chase Manhattan Bank EducationBA, Accounting, Rutgers University, Newark, NYChief Information Security Officer (CISO) Certificate Program NYU Tandon School of Engineering (December 2022) Community EngagementsBoard Committee Chair for AICPA and NY Society of CPAs - Risk Assurance and Cyber Risk Committees Publications, Presentations, and WebinarsFederal Reserve/OCCAICPANYSS Journal of Accountancy,ISACA Journal.Bank Administration Institute (BAI)Rutgers University Business School |
